Project

General

Profile

Actions

Bug #5999

closed

IPv6 IP Alias prevents Track Interface from working with DHCPv6 and RA

Added by Abuzer Rafey over 5 years ago. Updated 8 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Interfaces
Target version:
Start date:
03/15/2016
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:

Description

I'm attempting to have GUA and ULA addresses provisioned to clients on the LAN interface by using DHCPv6 to provide GUA addresses and Router Advertisements to provide both GUA + ULA routes so that clients generate addresses via SLAAC. This is to allow for resilient IPv6 connectivity since my ISP provides a /56 over DHCPv6, which requires me to use Track Interface. Under DHCPv6 Server & RA > VLAN5 > Router Advertisements, I've added fdc0:ffee:5::1/64 to RA Subnets and switched the Router Mode to Assisted. The IP Alias is set to fdc0:ffee:5::1/64 for the VLAN5 interface.

This setup works perfectly until I reboot the pfSense machine or reset the LAN interface. This causes the IP Alias / CARP address to appear as the primary interface route and the tracked interface to appear as a secondary route (only visible by running netstat -nr). Both DHCPv6 and RA give out ULA routes only. I suppose this would be fine if the bug occurred with a static IPv6 prefix from an HE.net tunnel because one could add the static prefix to the RA Subnet tab. Unfortunately, I've seen my DHCPv6 prefix change with a modem reboot so that wouldn't work. I tested it with 6to4 and didn't encounter this problem, so it seems to vary based on the type of interface.

I've found the output of ifconfig lagg0_vlan5 | grep inet6 to be directly correlated to the problem. Here's the output:

Before applying IP Alias to VLAN5

inet6 2600:8805:5::1 prefixlen 64 
inet6 fe80::1:1%lagg0_vlan5 prefixlen 64 scopeid 0x9

After applying IP Alias to VLAN5

inet6 2600:8805:5::1 prefixlen 64 
inet6 fe80::1:1%lagg0_vlan5 prefixlen 64 scopeid 0x9 
inet6 fdc0:ffee:5::1 prefixlen 64

After reboot

inet6 fdc0:ffee:5::1 prefixlen 64
inet6 2600:8805:5::1 prefixlen 64 
inet6 fe80::1:1%lagg0_vlan5 prefixlen 64 scopeid 0x9

After VLAN5 and/or WAN reset

inet6 fdc0:ffee:5::1 prefixlen 64
inet6 fe80::1:1%lagg0_vlan5 prefixlen 64 scopeid 0x9
inet6 2600:8805:5::1 prefixlen 64

I don't know much about how BSD/pfSense decide which IPv6 route to pass onto radvd or which prefix to use for DHCPv6 clients but as a temporary workaround I'm using a script that runs ifconfig lagg0_vlan5 | grep inet6 every minute. If the line containing inet6 fdc0 occurs before the line containing inet6 fe80 (ie. if it looks like the last two outputs above), then it executes ifconfig lagg0_vlan5 inet6 fdc0:ffee:5::1 prefixlen 64 -alias && ifconfig lagg0_vlan5 inet6 fdc0:ffee:5::1 prefixlen 64 alias to force the ULA address/route to the bottom, which gets DHCPv6 and radvd working correctly so I think that the problem lies here somewhere.

Hopefully this helps.


Files

system.log (442 KB) system.log Allen Balaj, 12/03/2020 02:12 PM
2021-02-07 (1).png (130 KB) 2021-02-07 (1).png Allen Balaj, 02/07/2021 12:36 PM
2021-02-07.png (64.9 KB) 2021-02-07.png Allen Balaj, 02/07/2021 12:36 PM
2021-02-07 (3)_LI.jpg (552 KB) 2021-02-07 (3)_LI.jpg Allen Balaj, 02/07/2021 12:36 PM
Actions

Also available in: Atom PDF